Hello Chris -

Could you please explain in detail what exactly you are trying to accomplish?

It sounds like you are authenticating against Active Directory but you are running Radiator on Linux?

Can you tell us how you differentiate between the 2 domains?

We can make better suggestions if we clearly understand the problem.

regards

Hugh

On 24 Jul 2014, at 03:30, Christopher Chance <ccha...@newtechgrp.com> wrote:

> Let me just say I got 802.1x working with PEAP/MSCHAPv2 -> NTLM
> authentication….
>
> The issue is we have 2 domains on our network and want to be able to have the
> single 802.1x authentication, sorted by domain authenticate and return the
> correct VLAN for the user... I couldn’t figure a way out to do it with LDAP2
> as apparently LDAP2 doesn’t like MSCHAPv2/PEAP only PAP for whatever reason…
> So NTLM I went to, and it works but that meant I had to join the Linux server
> to the domain, and only 1 domain per server.
>
> To solve this I followed someone’s recommendation to have a second RADIUS
> server (VM), that’s on the other domain that just checks domains and the
> first server will proxy the request to it… simple enough…
>
> The issue is it doesn’t work, the secondary RADIUS sends the Access-Accept
> but for some reason the main server doesn’t seem to handle the
> challenge/accept process correctly anymore and the sign-in process just hangs
> on the wireless…
>
> So now I’m 110% lost and don’t know what else could be the issue…
>
> If you can take a look at this and help me out it would be greatly
> appreciated, as to where I’m going wrong.
>
> Good login with primary server doing NTLM: http://pastebin.com/Vimm88Ya
> Login that’s hanging being processed from remote Radius:
> http://pastebin.com/Lj3MCset
>
> Config is http://pastebin.com/UCr2vMdk
>
> Thanks,
> Chris
> _______________________________________________
> radiator mailing list
> radiator@open.com.au
> http://www.open.com.au/mailman/listinfo/radiator

--
Hugh Irvine
h...@open.com.au

Radiator: the most portable, flexible and configurable RADIUS server anywhere.
SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER, SIM, etc.
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.